1
0
mirror of https://passt.top/passt synced 2024-12-22 05:35:23 +00:00

Compare commits

..

2 Commits

Author SHA1 Message Date
David Gibson
a7e4bfb857 pasta: Strip RTA_PREFSRC when copying routes to the namespace
Host routes can include a preferred source address (RTA_PREFSRC), which
must be one of the host's addresses.  However when using pasta with -a the
namespace might be given a different address, not on the host.  This seems
to occur pretty routinely depending on the network configuration systems
in place on the host.

With --config-net we will try to copy host routes to the namespace.  If
one of those includes an RTA_PREFSRC, but the namespace doesn't have the
host address, this will fail with -EINVAL, causing pasta to fail.

Fix this by stripping off RTA_PREFSRC attributes from routes as we copy
them to the namespace.  This is by no means infallible, bit it should at
least handle common cases for the time being.

Link: https://bugs.passt.top/show_bug.cgi?id=71
Link: https://github.com/containers/podman/pull/19699#issuecomment-1688769287
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-08-23 15:52:31 +02:00
Stefano Brivio
5e4f7b92b0 netlink: Set IFA_ADDRESS, not just IFA_LOCAL, while adding IPv4 addresses
Otherwise, we actually configure the address, but it's not usable
because no local route is added by the kernel.

Link: https://github.com/containers/podman/pull/19699
Fixes: cfe7509e5c ("netlink: Use struct in_addr for IPv4 addresses, not bare uint32_t")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2023-08-23 09:34:44 +02:00

View File

@ -462,8 +462,21 @@ int nl_route_dup(int s_src, unsigned int ifi_src,
for (rta = RTM_RTA(rtm), na = RTM_PAYLOAD(nh); RTA_OK(rta, na);
rta = RTA_NEXT(rta, na)) {
if (rta->rta_type == RTA_OIF)
if (rta->rta_type == RTA_OIF) {
/* The host obviously list's the host interface
* id here, we need to change it to the
* namespace's interface id
*/
*(unsigned int *)RTA_DATA(rta) = ifi_dst;
} else if (rta->rta_type == RTA_PREFSRC) {
/* Host routes might include a preferred source
* address, which must be one of the host's
* addresses. However, with -a pasta will use a
* different namespace address, making such a
* route invalid in the namespace. Strip off
* RTA_PREFSRC attributes to avoid that. */
rta->rta_type = RTA_UNSPEC;
}
}
}
@ -629,6 +642,7 @@ int nl_addr_set(int s, unsigned int ifi, sa_family_t af,
memcpy(&req.set.a4.l, addr, sizeof(req.set.a4.l));
req.set.a4.rta_l.rta_len = rta_len;
req.set.a4.rta_l.rta_type = IFA_LOCAL;
memcpy(&req.set.a4.a, addr, sizeof(req.set.a4.a));
req.set.a4.rta_a.rta_len = rta_len;
req.set.a4.rta_a.rta_type = IFA_ADDRESS;
}